New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA CAS-005 Exam - Topic 2 Question 13 Discussion

Actual exam question for CompTIA's CAS-005 exam
Question #: 13
Topic #: 2
[All CAS-005 Questions]

A company wants to install a three-tier approach to separate the web. database, and application servers A security administrator must harden the environment which of the following is the best solution?

Show Suggested Answer Hide Answer
Suggested Answer: C

The best solution to harden a three-tier environment (web, database, and application servers) is to implement microsegmentation on the server VLANs. Here's why:

Enhanced Security: Microsegmentation creates granular security zones within the data center, allowing for more precise control over east-west traffic between servers. This helps prevent lateral movement by attackers who may gain access to one part of the network.

Isolation of Tiers: By segmenting the web, database, and application servers, the organization can apply specific security policies and controls to each segment, reducing the risk of cross-tier attacks.

Compliance and Best Practices: Microsegmentation aligns with best practices for network security and helps meet compliance requirements by ensuring that sensitive data and systems are properly isolated and protected.


CompTIA Security+ SY0-601 Study Guide by Mike Chapple and David Seidl

NIST Special Publication 800-125: Guide to Security for Full Virtualization Technologies

CIS Controls: Control 12 - Boundary Defense

by Ernest at Apr 07, 2025, 04:30 AM

Limited Time Offer

25%

Off

Get Premium CAS-005 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Karol
2 months ago
A VPN won't really harden the environment like microsegmentation can.
upvoted 0 times
...
Dorsey
2 months ago
Totally agree, microsegmentation really limits exposure!
upvoted 0 times
...
Mauricio
2 months ago
I think implementing microsegmentation is key for security.
upvoted 0 times
...
Tegan
3 months ago
Surprised that people still think firewalls are enough these days.
upvoted 0 times
...
Mattie
3 months ago
SASb solutions are cool, but I’m not sure they’re the best choice here.
upvoted 0 times
...
Chantell
3 months ago
Installing a firewall sounds good, but I wonder if making it the network core is really the best approach for a three-tier architecture.
upvoted 0 times
...
Naomi
3 months ago
I feel like configuring a SASb solution is more about user access than actually hardening the environment itself.
upvoted 0 times
...
Laurel
4 months ago
I'm not entirely sure, but I think deploying a VPN might not be the best choice for hardening the servers.
upvoted 0 times
...
Rachael
4 months ago
I remember we discussed microsegmentation in class; it seems like a strong option for isolating servers.
upvoted 0 times
...
Johnathon
4 months ago
Configuring a SASE solution could work, but I'm not sure if that's the most appropriate option for this specific scenario. I'll need to research that further.
upvoted 0 times
...
Denna
4 months ago
Deploying a VPN might be a good start, but it doesn't seem like it would fully address the need to separate the web, database, and application servers.
upvoted 0 times
...
Shawnna
4 months ago
I'm a bit confused about the difference between a VPN and microsegmentation. I'll need to review those concepts before deciding.
upvoted 0 times
...
Remedios
5 months ago
Okay, let's see. Implementing microsegmentation on the server VLANs sounds like the most comprehensive approach to hardening the environment.
upvoted 0 times
...
Shannon
5 months ago
Hmm, this seems like a tricky one. I'll need to think through the different options carefully to determine the best solution.
upvoted 0 times
...
Christoper
9 months ago
SASb? Isn't that some kind of fancy-pants solution for people who have too much money and not enough security know-how? Microsegmentation is the real deal.
upvoted 0 times
Anglea
8 months ago
I agree, microsegmentation provides a more granular level of security compared to other solutions.
upvoted 0 times
...
Nguyet
8 months ago
True, SASb may be effective, but microsegmentation offers better control and isolation.
upvoted 0 times
...
Shawn
9 months ago
But what about using SASb? It's known for providing strong security measures.
upvoted 0 times
...
Abel
9 months ago
Microsegmentation is definitely the way to go for securing the environment.
upvoted 0 times
...
...
Arlie
10 months ago
A VPN to prevent remote access? That's so 2010. Microsegmentation is where it's at these days. Keep up with the times, folks!
upvoted 0 times
Helga
9 months ago
It's much more effective than just relying on a VPN for security.
upvoted 0 times
...
Dorsey
9 months ago
I agree, it provides granular control and limits lateral movement within the network.
upvoted 0 times
...
Susana
9 months ago
Microsegmentation is definitely the way to go for securing the environment.
upvoted 0 times
...
...
Deeanna
10 months ago
I'm not sure, but I think deploying a VPN could also be a good option to prevent unauthorized access.
upvoted 0 times
...
Phuong
10 months ago
I agree with Annmarie, microsegmentation can provide granular control and enhance security.
upvoted 0 times
...
Rashida
10 months ago
Hmm, I don't know about that. Installing a firewall at the network core? That's like using a sledgehammer to crack a nut. Talk about overkill!
upvoted 0 times
Dorcas
8 months ago
User 4: Dorcas, that's another good suggestion. ACLs can provide an additional layer of security without the need for a sledgehammer approach like a firewall at the network core.
upvoted 0 times
...
Mi
9 months ago
User 3: What about using access control lists (ACLs) to restrict traffic between the servers?
upvoted 0 times
...
Pamella
9 months ago
User 2: Pamella, that's a good idea. VLANs can help isolate the servers without the need for a firewall at the network core.
upvoted 0 times
...
Isreal
10 months ago
User 1: How about implementing VLANs to separate the servers?
upvoted 0 times
...
...
Stanford
10 months ago
C) Implementing microsegmentation on the server VLANs is the way to go. That's the best solution to harden the environment and limit access to specific server resources.
upvoted 0 times
...
Annmarie
11 months ago
I think the best solution is implementing microsegmentation on the server VLANs.
upvoted 0 times
...

Save Cancel